preprints.org > computer science and mathematics > artificial intelligence and machine learning > doi: 10.20944/preprints202209.0103.v1

Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

Version 1 : Received: 6 September 2022 / Approved: 7 September 2022 / Online: 7 September 2022 (05:33:40 CEST)

Portable Document Format (PDF) files are one of the most universally used file types. This has fascinated hackers to develop methods to use these normally innocent PDF files to create security threats via infection vectors PDF files. This is usually realized by hiding embedded malicious code in the victims’ PDF documents to infect their machines. This, of course, results in PDF Malware and requires techniques to identify benign files from malicious files. Research studies indicated that machine-learning methods provide efficient detection techniques against such malware. In this paper, we present a new detection system that can analyze PDF documents in order to identify benign PFD files from malware PFD files. The proposed system makes use of the AdaBoost decision tree with optimal hyperparameters, which is trained and evaluated on a modern-inclusive dataset, viz. Evasive-PDFMal2022. The investigational assessment demonstrates a lightweight-accurate PDF detection system, achieving a 98.84% prediction accuracy with a short prediction interval of 2.174 μSec. To this end, the proposed model outperforms other state-of-the-art models in the same study area. Hence, the proposed system can be effectively utilized to uncover PDF malware at high detection performance and low detection overhead.

Portable Document Format (PDF); machine learning; detection; optimizable decision tree; Ada-Boost; PDF malware; evasion attacks; cybersecurity

Computer Science and Mathematics, Artificial Intelligence and Machine Learning

* All users must log in before leaving a comment